While procurement fraud risks are often thought of as the domain of large federal contractors, small and mid-sized firms are at risk as well, and thanks to increased enforcement, the stakes are higher than ever.
Recent changes to federal regulations; growth in federal, state, and local contracting activity; and vigorous enforcement activity mean increased procurement risk for corporations of all sizes, especially those that don't traditionally focus on selling goods and services to the public sector, according to a report by PricewaterhouseCoopers examining procurement fraud enforcement activity.
"Procurement fraud is perceived as something that happens often and isn't really a big deal," says the report's author, Dalit Stern, a partner in PwC's forensic service group. "But the amounts associated with it could be significant."
And if you think Sarbanes-Oxley compliance eliminates procurement fraud risk, think again. Stern says the biggest misconception companies have about procurement fraud is that resources they've devoted to SOX compliance "make them largely immune to fraud in general and to procurement fraud in particular."
However, internal controls over financial reporting and fraud management processes may be less effective against procurement risk schemes. Why? Because fraudsters who successfully perpetrate their schemes over long periods usually do so by operating under monetary thresholds determined for SOX testing purposes, according to the report, "Cracking down—The facts about risks in the procurement cycle."
"The variety of industries, plethora of government agencies involved, and the spread of the crime's geographical reach indicate that the common denominator of procurement fraud is vulnerability in corporate controls," the report states.
Moreover, Stern notes that the stakes are higher during a downturn.
"Individuals have less loyalty and they're under greater pressure, and recession causes management to focus on revenue generating activity," she says. "This isn't perceived as the best time to look at improving processes and controls."
Add stepped up enforcement to the mix, and doing so is even more important.
A PwC review of enforcement data from the National Procurement Fraud Task Force shows that, since the Task Force's creation in 2006, more than 400 procurement fraud cases have been pursued, resulting in more than 300 criminal convictions and the recovery of hundreds of millions of dollars in civil settlements and judgments.
From June 2007 through June 2008, more than 500 schemes or combinations of schemes were investigated. The vast majority of prosecutions addressed bribery (27 percent), bid rigging (21 percent), embezzlement (21 percent), and false claims (16 percent), according to PwC.
While the government is exposed and more focused on prosecution in defense and related industries, almost two-thirds of reported cases during the period reviewed don't involve military-related spending. Of the non-military industries, procurement fraud cases involving the construction industry were most prevalent. Other industries subject to Task Force prosecutions include education, aerospace, and telecommunications.
While the Army, Navy, Air Force, and Department of Defense accounted for 38 percent of prosecuting agencies, the majority of cases (62 percent) were scattered across 62 different government agencies. The most prevalent non-military agencies involved in procurement fraud cases were those that most engage in contracting activity, such as the Department of Transportation, the Department of Housing and Urban Development, and the Department of Education.
More than half of defendants were vendors or their employees, and close to 32 percent of cases involved public servants, which PwC says underscores how purchasing authority tempts individuals engaged in procurement activities in the public or private sectors.
"Procurement fraud schemes are a combination of greed and lax or limited controls," says Stern. "You can't eradicate greed, but you can enhance your controls in your procurement cycle sub-processes, or at least in the sub-processes that are the most risky."
She recommends companies assess their risk and focus on the processes that are most vulnerable.
Vendor maintenance is "a good place to start," says Stern, "since not many companies go through a rigorous vendor due diligence process."
The report includes a checklist for companies to assess their vulnerability to procurement fraud and provides a list of potential red flags for procurement risk.
No comments yet